Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A stack buffer overflow was addressed through improved input validation.
CVE-2017-6975: Gal Beniamini of Google Project Zero
Though I'm not sure whether this is April Fools' news: "[tor-dev] Tor in a safer language: Network team update from Amsterdam".
What has already been done:
- Rust in Tor build
- Putting together environment setup instructions and a (very small) initial draft for coding standards
- Initial work to identify good candidates for migration (not tightly interdependent)
What we think are next steps:
- Define conventions for the API boundary between Rust and C
- Add a non-trivial Rust API and deploy with a flag to optionally use (to test support with a safe fallback)
- Learn from similar projects
- Add automated tooling for Rust, such as linting and testing
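So far the only follow-up discussion I've seen is the "[tor-dev] Tor in a safer language: Network team update from Amsterdam" post itself; maybe I'll come back and check after April 1 has passed everywhere in the world...
The first two are both rate limits. The first is the most standard kind, "how many times per minute can you call it", which is the easiest to understand. The second is "how many API requests can you have in flight at the same time", which is usually applied to APIs that consume a lot of resources, to keep them from being overwhelmed in a short period.
The third takes a system-wide view: split the APIs into critical and non-critical ones, then reserve capacity outright so that the critical APIs always have a certain amount available: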
We always reserve a fraction of our infrastructure for critical requests. If our reservation number is 20%, then any non-critical request over their 80% allocation would be rejected with status code 503.
Only 100 requests were rejected this month from this rate limiter, but in the past it’s done a lot to help us recover more quickly when we have had load problems. This load shedder limits the impact of incidents that are already happening and provides damage control, while the first three are more preventative.
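The reserved-capacity rule quoted above, combined with the second (concurrent) limit, as an added example that is not code from the original post or from the company being quoted. Modelling capacity as a fixed number of in-flight slots, the names `LoadShedder` and `try_request`, and the 429 status for the per-user limit are assumptions of this sketch.

```python
import math
import threading


class Rejected(Exception):
    """A shed request; .status is the HTTP status code to return."""
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status


class LoadShedder:
    """Tracks in-flight requests; capacity is modelled as slots (assumption)."""
    def __init__(self, capacity, reserved_fraction=0.20, per_user_limit=None):
        self.capacity = capacity
        # Slots non-critical traffic may occupy: 80% when 20% is reserved.
        self.noncritical_cap = capacity - math.ceil(capacity * reserved_fraction)
        self.per_user_limit = per_user_limit  # concurrent limit (the second type)
        self.total = 0
        self.noncritical = 0
        self.per_user = {}
        self.lock = threading.Lock()

    def acquire(self, user, critical=False):
        with self.lock:  # check and increment atomically
            in_use = self.per_user.get(user, 0)
            if self.per_user_limit is not None and in_use >= self.per_user_limit:
                raise Rejected(429, "per-user concurrency limit reached")
            if self.total >= self.capacity:
                raise Rejected(503, "no capacity left")
            if not critical and self.noncritical >= self.noncritical_cap:
                raise Rejected(503, "non-critical allocation exhausted")
            self.total += 1
            self.noncritical += 0 if critical else 1
            self.per_user[user] = in_use + 1

    def release(self, user, critical=False):
        with self.lock:
            self.total -= 1
            self.noncritical -= 0 if critical else 1
            self.per_user[user] -= 1


def try_request(shedder, user, critical=False):
    """Return the HTTP status a caller would see; the slot stays held on 200."""
    try:
        shedder.acquire(user, critical)
        return 200
    except Rejected as exc:
        return exc.status
```

A non-critical request is refused once non-critical traffic holds its 80% share even if slots are free, while critical requests are refused only when every slot is taken.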