undefined | Better HN

0 pointsjorvi2y ago0 comments

Look at how many of the past big exploit chains on iPhones, Chromium etc involved media decoding at some point in that chain.

It’s like crypto, you have to be very deliberate with your choices, and it’s generally ill-advised to roll your own.

0 comments

Misdicorl2y ago

That advice has context. Do not roll your own if the feature is not your core product offering. So don't roll crypto if you're not selling crypto. If it is your core offering (and media decoding is absolutely a core offering of a web browser), you should choose carefully whether to get it off the shelf or roll your own.

Otherwise how would new/better stuff ever get built?!

jorviOP2y ago

If Apple and Google can’t even find all the vulnerabilities in their libs, how on earth would a scrappy team of a few devs, especially since media decode isn’t the sole thing they’re focused on?

> Otherwise how would new/better stuff ever get built?!

The problem here is that people are salivating to use this as their daily driver. When WireGuard was still in development, everyone got told in very strong terms to not use it in any setting that required actual security.

Browsing the web at large is sort-of hostile by default.

Ladybird is a great project, and I hope it keeps developing, but any user that thinks their media decode libraries will be bulletproof libs free of vulnerabilities are nuts.

tremon2y ago

If Apple and Google can’t even find all the vulnerabilities in their libs, how on earth would a scrappy team of a few devs

Perhaps a few devs have nowhere near the required escape velocity to create vulnerabilities before they can be fixed, nor the pressure of PMs to ship substandard code?

Misdicorl2y ago

> but any user that thinks their media decode libraries will be bulletproof libs free of vulnerabilities are nuts.

Sure. And its a high bar to challenge the same or better vulnerability profile that the established players have. But a "small scrappy team" which is capable of doing everything this team has done certainly garners a lot of confidence that the bar is possible.

Neikius2y ago

Apple and google are big corpos and those are legendary for their inability to make anything properly. It has been a while since they were small and could move fast... So no, I would not take them as a standard.

j / k navigate · click thread line to collapse

0 comments

Misdicorl2y ago

Otherwise how would new/better stuff ever get built?!

jorviOP2y ago

> Otherwise how would new/better stuff ever get built?!

Browsing the web at large is sort-of hostile by default.

Ladybird is a great project, and I hope it keeps developing, but any user that thinks their media decode libraries will be bulletproof libs free of vulnerabilities are nuts.

tremon2y ago

If Apple and Google can’t even find all the vulnerabilities in their libs, how on earth would a scrappy team of a few devs

Perhaps a few devs have nowhere near the required escape velocity to create vulnerabilities before they can be fixed, nor the pressure of PMs to ship substandard code?

Misdicorl2y ago

> but any user that thinks their media decode libraries will be bulletproof libs free of vulnerabilities are nuts.

Neikius2y ago

j / k navigate · click thread line to collapse