Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

While Apple will spend billions on the latest techniques to ensure your iPhone can only run things Apple signed, there is meanwhile a real lack of enthusiasm around the basics like making the central messaging app not a native code shitshow invoking obscure (native of course) open source libraries they never update, you know, the basics. It's the latter that keeps getting their customers exploited.


Why are you emphasising native code? Is there something about native code being bad that I am missing?


Native code has more direct access to the system, e.g. accessing arbitrary regions of a process's memory via pointer arithmetic, invoking arbitrary syscalls, etc. In contrast, "managed code" like a JVM, CPython VM, etc. is subject to a more structured semantic model, which allows more restrictions to be imposed.


everything not running in a browser is bad, b/c it's not within reach of the fullstack shitheads /s


if they can't go down to the metal, they're not "fullstack" /s




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: