Concept cars and Chromium exploits?

You may ask yourself, “What do those two topics have to do with one another?,” and you’d be completely justified in your confusion. However, they went together in a strange way in my brain. Firstly, let’s get the ‘concept cars’ portion out of the way. There was an article on SlashGear today about the possibility of Fiat, Alfa Romeo, and Mazda coming together in order to work on a new sports car. This article was one of the most poorly written under-proofed pieces of garbage that I’ve seen in the news in quite a while (which is saying a lot, given that there are news sources like Fox out there ;) ). Anyway, I’ve placed a screenshot of the article below (just in case they catch the goofs, and decide to change them):

Alfa Romeo proofreading

Did you catch all of the amazing errors?

  • “Alpha Romeo” instead of Alfa Romeo — the first sign that the author (Shane McGlaun) has no understanding of the topic about which he is reporting.
  • “Must is now set for another partnership…” instead of “Mazda” (this seems like he was typing the article on a mobile with auto-correct).
  • “The car be constructed at Mazda’s Japanese plant…” — either Shane decided to incorporate some quasi-Ebonics into his article, or simply omitted the helping verb.
  • “The vehicle will be a two-seat, reward drive car…” — Subaru’s claim to fame is all-wheel drive on all of their vehicles, but they don’t have ANY with reward drive!

Incredible work, Shane.

Secondly, the ‘Chromium exploits’ portion is an incredibly fascinating topic. The Chrome developers at Google announced yesterday that two individuals had found methods of full remote code execution from within the browser. They go into depth about the six seemingly minor exploits found by a user going by the pseudonym “Pinkie Pie,” which, when chained together, allowed for the full exploit. The level of understanding and investigative work performed by this person is staggering, even to those with significant experience in computer security and programming. The process involved the prerendering engine, GPU command buffers, buffer overflows, tree structures via pointers, an ROP chain, and more.

So now that you have the background on these two stories, I can finally explain how my warped brain put them together. I started thinking about the myth of meritocracy, and realised that Shane McGlaun (the reporter for SlashGear) is employed, and making what is likely a decent salary as a technology writer. At the same time, “Pinkie Pie” understands the importance of security in programming to a degree that many can’t even comprehend the high-level explanation thereof. If he’s employed, it is a somewhat strong probability that he is highly underpaid in comparison to his knowledge and ability.

There you have it, my very odd connection between two seemingly unrelated topics. :) Whether or not you agree with the connection, hopefully you enjoyed the articles themselves.

Cheers,
Zach

Leave a Reply

Your email address will not be published. Required fields are marked *


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>