Dran

Idk, this was kind of a rare combination of “write secure function; proceed to ignore secure function and rawdog strings instead” + “it can be exploited by entering a string with a semicolon”. Neither of those are anything near as egregious as a use after free or buffer overflow. I get programming is hard but like, yikes. It should have been caught on both ends

Because that bug was so egregious, it demonstrates a rare level of incompetence.

Because $350 couldn’t possibly buy enough hardware to run a modern operating system!

• Microsoft, probably

His logic literally buffer underflowed

You might want to check your access permissions; he didn’t even sudo.

This is probably the play they’re making; the only thing that makes me think it might be something else is that they also announced ditching proprietary code in favor of kvm in workstation. Makes me wonder if they instead are deciding to slowly kill the product line, and instead of just stopping development entirely, they’re giving it out as if it’s some huge gift to try and “buy” good will before it becomes an inferior product?

Either way, support costs for the product are now $0 (because you can’t buy it) and development costs are about to be near-zero if they’re forking upstream kvm.

https://www.phoronix.com/news/VMware-Workstation-KVM

Who decides what “truth” is? In concept I’m with you but in practice that sounds like a nightmare. See: mainland china

Governments should be the arbiters of law and recommendations, not the arbiters of truth.

Yeah I was going to say the same thing, I used to drink a lot and I never did anything drunk that I didn’t want to do sober. The drinking just impairs judgement and how much you care about consequences in the moment.

I think it’s one of those things that is against the spirit of a law but not the letter of it. It feels illegal, it probably should be illegal, it might be illegal in the future, but for now it’s sketchy but technically above board.