by bombcar 1580 days ago
Which is why the only safe way to operate is assume anything that is susceptible to outside data is already compromised - and so run them in sandboxes.
3 comments

You should read the writeup. This was run in a sandbox. Sandboxes are not silver bullets and they too can have bugs.
The tech is the easy part: iOS/Android have the best security teams in the world, and an unlimited budget, and sandboxing is an old, proven tech.

I guess that the politics here are the real barrier.

Not only politics; the reason why some languages and OSes rule is that real progress only happens one generation at a time, to put it in more friendly wording.
"Science progresses, one funeral at a time."

https://en.wikipedia.org/wiki/Planck%27s_principle

As a general principle in life, it's quite frightening considering ever-increasing life spans.

That's just a mitigation for tens of millions of lines of code written in C / C++.
That's not a solution. You're just piping the outside data into your sandbox; it can have bugs too.
This is why I run a 1-task only Windows VM inside a Linux VM on a Mac. Ain’t nobody ripping through x3 0-days for my chats.
If you're a targeted journalist, they'll go through more than three to get you. Full chains are fairly long these days.
lmao bro does all that in front of his IoT Samsung toaster, that has a speaker...speakers are microphones.
Macwinux
There's no such thing as a perfect solution, only solutions that improve a bad situation.
I'm not so much saying it's a bad idea as that what my parent comment described was a logical contradiction. It isn't possible to run "anything that is susceptible to outside data" in sandboxes, because that makes the sandbox susceptible to outside data. If you're genuinely assuming that anything susceptible is already compromised, then the sandbox is accomplishing literally nothing.
I always remember a quote from a sci-fi book I read about the "multi-planet Internet" there.

It was layer upon layer upon layer of protocols and software.

Because it wasn't possible to remove old layers (because some satellites or wormholes or whatever would stop working.)

So, it was super easy to hack... and to send spam. Well, you will get killed for that, though.

Would be interested in the name of the book?
It sounds like Vernor Vinge’s A Fire Upon The Deep (& sequels), well worth finding.
It depends on which sandbox you are using. In Qubes OS on desktop, you rely on hardware virtualization, which is virtually unbreakable.
I thought Spectre and Meltdown also allowed host data leakage from a compromised guest?
Yes, microcode vulnerabilities are a problem indeed. Hopefully Qubes Air (next version 5.0) will compartmentalize even that by using separate devices as qubes: https://www.qubes-os.org/news/2018/01/22/qubes-air/.