Announcing Arti, a pure-Rust Tor implementation (Tor blog)
Posted Jul 18, 2021 1:39 UTC (Sun)
by pizza (subscriber, #46)
In reply to: Announcing Arti, a pure-Rust Tor implementation (Tor blog) by ms-tg
Parent article: Announcing Arti, a pure-Rust Tor implementation (Tor blog)
Ah, okay, so that's "70% of security vulnerabilities" -- which is *not* the same as "security incidents".
(As the 7th & 8th slides in that deck demonstrate, there is a considerable gap between "vulnerabilities" and "exploits", and the 9th slide says the "market" has moved predominantly to social engineering-based attacks instead.)
Posted Jul 18, 2021 16:48 UTC (Sun)
by marcH (subscriber, #57642)
[Link] (2 responses)
Is the former acceptable?
Posted Jul 21, 2021 17:27 UTC (Wed)
by pizza (subscriber, #46)
[Link] (1 response)
"Acceptable" is just a point on the cost/benefit curve.
Clearly it has been acceptable. And, to be blunt, it will continue to be, for the same reason that the financial industry still runs on COBOL -- Rewriting the billions of lines of existing "inherently unsafe" code into "memory-safe" languages will cost a *lot* more money (and introduce far more new bugs along the way) than the current practice of (semi-proactively) plugging holes and cleaning up messes after the fact.
The costs of "security vulnerabilities" are nearly always external (i.e. someone else's problem). That vulnerability only becomes an "incident" when an organization directly incurs some cost. Until then, it will be ignored unless an external entity (e.g. government regulation or payment card or insurance carrier requirement) forces an organization to proactively care.
Posted Jul 21, 2021 22:25 UTC (Wed)
by marcH (subscriber, #57642)
[Link]
> "Acceptable" is just a point on the cost/benefit curve.
Sure, what I meant was: should anything at all be done about memory corruption? The answer is yes of course - and it is being done in some places and not just with Rust. Exciting times.
> Until then, it will be ignored unless an external entity (eg government regulation or payment card or insurance carrier requirement) forces an organization to proactively care.
In general yes of course, but there are a few exceptions like Microsoft, Google and a few other "SmallTech". Check the Microsoft slides linked above.