this post was submitted on 19 Jul 2024
126 points (100.0% liked)
TechTakes
1377 readers
70 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Zach Vorhies (who made leaking Google stuff to Project Veritas his entire identity) has the worst possible take: https://twitter.com/Perpetualmaniac/status/1814405221738786984 (lemme gather my thoughts and explain why in the next comment)
Fair warning that I'll be ranty because I hate losers talking about DEI hires.
This is a huge assumption. ~~The last rumor I've read from actual cybersecurity people is that Crowdstrike's update files were corrupt~~ (update: disproven by Crowdstrike's blog post). If this is true it's likely still from programmer error at some level, but maybe not as simple as "whoopsie I forgot an
if (data == nullptr)
teehee".He, like the rest of us that don't work at Crowdstrike, has no idea what happened. I have seen computers do the weirdest gosh darn things. I know better than to assume anything at this point. I wouldn't even rule out weird stuff like the data getting corrupted between release qualification and release yet.
This thread is full of these sorts of small technical inaccuracies and oversimplifications so I won't point out all of them, but nothing in the C++ standard requires null pointers to refer to memory address 0x0. Nor does it require that dereferencing a null pointer terminates the program.
Windows died not because C++ asked it nicely to, but because a driver tried to access an address which wasn't paged in.
The funny thing about accessing into non-paged memory in kernel space:
(If this was a simple nullptr dereference on bad input data then perhaps a fuzzer would have helped. Fuzzers are great though I have no idea how hard they are to use with kernel drivers)
Dude would probably call me a "DEI hire"; but I bet I could beat him in a C++ deathmatch so neener neener.
Also, and this shouldn't be left unsaid, we're talking about the Windows kernel here. A place with C++ code so cursed it is legendarily unhealthy to work in, as the cosmic horrors contained within slowly eat away at your sanity and warp the perception of time and space. Seeing that code for a few hours is enough to make a grown man cry. Seeing that code for a few weeks is enough to make you never cry again, as the terrible truth worms its way into your mind.
"DEI hire", hah! The creature makes no distinction for race or gender as it fattens itself upon your failure! Even a glimpse at the edge of its abyss is enough to trigger a cycle of revelation - all modern software lies upon a rotting pile of ancient mistakes.
@V0ldek @sailor_sega_saturn have you read the writings of James Mickens, e.g. https://www.usenix.org/system/files/1311_05-08_mickens.pdf ?
Absolutely stellar writing, except for this one weird bit
Database people are systems people. Modern databases have their own memory management, thread scheduler, and a fucking compiler inside. A promising research direction is to just bundle the database with your own bloody kernel that you handwrote with a box of scraps to make the entire thing less cursed and not have to wrestle with Linux.
You know, just in case you were looking for people to include in your postapo gang, database experts will also murder whatever you want with bare hands.
@V0ldek there's a difference between people who develop database engines, and people who use an existing database engine to write database applications in SQL or whatever.
It's just your comedic hyperbolic turns of phrase reminded me of Mickens'.
If more than one system devs launch into a Lovecraftian stream of epithets about how incomprehensiblly horrific it is when you ask them about their work then there just may be some truth in it.