this post was submitted on 10 Jun 2024
1 points (100.0% liked)
TechTakes
1396 readers
14 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Maybe this?
https://www.bleepingcomputer.com/news/security/iterm2-leaks-everything-you-hover-in-your-terminal-via-dns-requests/
Yeah, I that’s probably what I was thinking of.
jfc
to get on my soapbox for a moment: iterm2 is in objc, which still has a lot of the ancillary problems that C has. testing properly is one of them - I can easily see such kind of fuckups slipping past by simple virtue of human error, possibly helped along by shitty tools/choices[0]. for example, I know of nothing in C-land that enables property-based testing, and from a quick check it seems that XCTest also runs on the human-enumerated-tests philosophy. so if no-one writes the test that'll catch it, it could at best be caught by accident (through something else maybe triggering it).
and people are also really fucking bad at thinking in/about side effects. even a lot of systems thinkers seem to fuck that up.
/soapbox
[0] - I was recently debugging why a particular piece of Go software wasn't outputting anything I was expecting at the log level I had it set. quickly went to its repo, glanced at the code just to check if my expectation was right, then popped a message to a friend who deals with more Go than I do (which is near-nil, because it is a GARBAGE FUCKING LANGUAGE OF AND CAUSING NIGHTMARES, gah). he reminded me of the fact that Go had fairly recently fixed a bug in its stdlib logging library that had fucked up which levels it would handle things, due to an error in the fucking switch statement. for the stdlib goddamn logger. a bug which had been there for over 2y iirc.