The content inside the notepad edit window should probably be universally sandboxed from your local box
Sadly, this was already the case when Notepad stayed in its lane and only handled plain text unicode.
Comment on A remote code execution vulnerability has been found in Microslop Notepad
rumba@lemmy.zip 2 weeks agoThe content inside the notepad edit window should probably be universally sandboxed from your local box and throw popups when referencing external content with exactly what is being done.
They half assed the implementation.
dejected_warp_core@lemmy.world 2 weeks ago
pkjqpg1h@lemmy.zip 2 weeks ago
To have something optimized they need to start from scratch with clean code
related:
bitjunkie@lemmy.world 2 weeks ago
Rolling out AI with the stated purpose of reducing technical debt is just fucking hilarious to me
rumba@lemmy.zip 2 weeks ago
And honestly, that speaks more to the removal of features on the taskbar than Notepad.
One person could have rewritten Notepad from scratch in C++ in a day and bolted in Markdown in a relatively secure fashion in another 2. I doubt security even hit the requirements list. I’m not against moving windows components to Rust. I’ve not against losing features here and there to get there, but blatantly ignoring security because it’s in Rust is downright stupid.
pkjqpg1h@lemmy.zip 2 weeks ago
I’m not a programmar, why people very interest Rust?
rumba@lemmy.zip 2 weeks ago
It stops dangerous memory mistakes by design, forces safe handling of data, and eliminates the most commonly used vulnerabilities in C and C++
It encourages secure design, but that forces people who have been writing C/C++ for years to completely rethink how to do many things they’re very proficient at.