Skip to content
By using Twitter’s services you agree to our Cookies Use. We and our partners operate globally and use cookies, including for analytics, personalisation, and ads.
  • Home Home Home, current page.
  • About

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @
  • Language: English
    • Bahasa Indonesia
    • Bahasa Melayu
    • Català
    • Čeština
    • Dansk
    • Deutsch
    • English UK
    • Español
    • Filipino
    • Français
    • Hrvatski
    • Italiano
    • Magyar
    • Nederlands
    • Norsk
    • Polski
    • Português
    • Română
    • Slovenčina
    • Suomi
    • Svenska
    • Tiếng Việt
    • Türkçe
    • Ελληνικά
    • Български език
    • Русский
    • Српски
    • Українська мова
    • עִבְרִית
    • العربية
    • فارسی
    • मराठी
    • हिन्दी
    • বাংলা
    • ગુજરાતી
    • தமிழ்
    • ಕನ್ನಡ
    • ภาษาไทย
    • 한국어
    • 日本語
    • 简体中文
    • 繁體中文
  • Have an account? Log in
    Have an account?
    · Forgot password?
    New to Twitter?
    Sign up
Jonathan_Blow's profile
Jonathan Blow
Jonathan Blow
Jonathan Blow
@Jonathan_Blow

Tweets

Jonathan Blow

@Jonathan_Blow

Designer/Programmer of Braid and The Witness. President, Thekla, Inc. Partner in IndieFund. Currently working on good new things.

San Francisco
the-witness.net/news
Joined January 2010

Tweets

  • © 2021 Twitter
  • About
  • Help Center
  • Terms
  • Privacy policy
  • Cookies
  • Ads info
Dismiss
Previous
Next

Go to a person's profile

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @

Promote this Tweet

Block

  • Tweet with a location

    You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more

    Your lists

    Create a new list

    Under 100 characters, optional
    Privacy

    Copy link to Tweet

    Embed this Tweet

    Embed this Video

    Add this Tweet to your website by copying the code below. Learn more

    Add this video to your website by copying the code below. Learn more

    Hmm, there was a problem reaching the server.

    By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.

    Preview

    Why you're seeing this ad

    Log in to Twitter

    · Forgot password?
    Don't have an account? Sign up »

    Sign up for Twitter

    Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen.

    Sign up
    Have an account? Log in »

    Two-way (sending and receiving) short codes:

    Country Code For customers of
    United States 40404 (any)
    Canada 21212 (any)
    United Kingdom 86444 Vodafone, Orange, 3, O2
    Brazil 40404 Nextel, TIM
    Haiti 40404 Digicel, Voila
    Ireland 51210 Vodafone, O2
    India 53000 Bharti Airtel, Videocon, Reliance
    Indonesia 89887 AXIS, 3, Telkomsel, Indosat, XL Axiata
    Italy 4880804 Wind
    3424486444 Vodafone
    » See SMS short codes for other countries

    Confirmation

     

    Welcome home!

    This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.

    Tweets not working for you?

    Hover over the profile pic and click the Following button to unfollow any account.

    Say a lot with a little

    When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.

    Spread the word

    The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.

    Join the conversation

    Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.

    Learn the latest

    Get instant insight into what people are talking about now.

    Get more of what you love

    Follow more accounts to get instant updates about topics you care about.

    Find what's happening

    See the latest conversations about any topic instantly.

    Never miss a Moment

    Catch up instantly on the best stories happening as they unfold.

    1. Jonathan Blow‏ @Jonathan_Blow Mar 13
      Replying to @NoraDotCodes @boribombo

      Memory bugs are to be avoided, but are a small minority of the number of bugs total. Most bugs are just due to complexity. So “memory safety” is kind of a red herring; if you fix a small number of bugs by gaining memory safety, but in doing so increase friction too much, it is

      1 reply 0 retweets 9 likes
    2. Jonathan Blow‏ @Jonathan_Blow Mar 13
      Replying to @Jonathan_Blow @NoraDotCodes @boribombo

      easily a net loss, because the other 95% of bugs are harder to deal with. Our solution is to provide customizable metaprogramming techniques you can leverage to help with all 100% of bugs, as you feel is best for your own domain and program.

      1 reply 0 retweets 7 likes
    3. Nora, SciHub Liker‏ @NoraDotCodes Mar 13
      Replying to @Jonathan_Blow @boribombo

      Interesting! As someone who works in a highly logic-bug sensitive field (clinical analysis), I've found that having an advanced type system, incl. memory ownership, is almost always a benefit in reducing logic bugs, as well as memory bugs; have you had a different experience?

      1 reply 0 retweets 4 likes
    4. Nora, SciHub Liker‏ @NoraDotCodes Mar 13
      Replying to @NoraDotCodes @Jonathan_Blow @boribombo

      Also: a recent post from the maintainer of curl seems to contradict these numbers. Is it possible your experience is not universal here?

      1 reply 0 retweets 3 likes
    5. Jonathan Blow‏ @Jonathan_Blow Mar 13
      Replying to @NoraDotCodes @boribombo

      I am just talking about the software we ship, though I suspect that if some team's bug load is mostly memory bugs, they are doing something wrong at a basic level. I don't see how memory ownership helps with logic bugs; they are pretty much orthogonal.

      1 reply 0 retweets 3 likes
    6. Nora, SciHub Liker‏ @NoraDotCodes Mar 13
      Replying to @Jonathan_Blow @boribombo

      First, let's stop speaking in the abstract. Here is the data on curl: https://timmmm.github.io/curl-vulnerabilities-rust/ … and here is Daniel's analysis: https://daniel.haxx.se/blog/2021/03/09/half-of-curls-vulnerabilities-are-c-mistakes/ … I'm open to the idea that the curl team is doing something fundamentally wrong, but that assertion would require some evidence.

      1 reply 0 retweets 4 likes
    7. Nora, SciHub Liker‏ @NoraDotCodes Mar 13
      Replying to @NoraDotCodes @Jonathan_Blow @boribombo

      To your other point, I think working in a language with memory ownership strongly encourages a lot of patterns - context passing instead of global mutable state, "share memory by communicating", etc - that are possible but not encouraged in other languages.

      1 reply 0 retweets 6 likes
    8. Nora, SciHub Liker‏ @NoraDotCodes Mar 13
      Replying to @NoraDotCodes @Jonathan_Blow @boribombo

      And, speaking about Rust - which I believe we are - coupling these idioms, ecosystem-wide and encouraged by the language, with a robust, powerful, and hard to screw up type system means that important invariants beyond memory ownership can be encoded and enforced easily.

      2 replies 0 retweets 6 likes
    9. Jonathan Blow‏ @Jonathan_Blow Mar 13
      Replying to @NoraDotCodes @boribombo

      I spent hours today arguing with Rust people today already, don't want to spend more time on this. You can see what I have previously written/filmed to know what I think on this. The upshot is, as said up the thread, I think there are more efficient ways to get more benefits.

      2 replies 0 retweets 0 likes
    10. Nora, SciHub Liker‏ @NoraDotCodes Mar 13
      Replying to @Jonathan_Blow @boribombo

      Okay, I won't take up more of your time. I'm excited to hear more about your ideas on this topic - new language research is always interesting, and I assume it is new, since I haven't heard you answer most of what I asked (so, I asked). I .await your paper with baited breath. :)

      1 reply 0 retweets 0 likes
      Jonathan Blow‏ @Jonathan_Blow Mar 14
      Replying to @NoraDotCodes @boribombo

      I willl say that I glanced at the curl page before closing it and the author does not appear to be talking about all bugs, but security vulnerabilities only, which are usually a small subset of all bugs, and where memory issues appear predominantly.

      7:46 AM - 14 Mar 2021
      • 1 Like
      • Francesco
      1 reply 0 retweets 1 like
        1. New conversation
        1. Nora, SciHub Liker‏ @NoraDotCodes Mar 14
          Replying to @Jonathan_Blow @boribombo

          Interesting - that feels intuitively like it could be true, but I'm not sure I've ever seen data on whether or not security bugs are more or less likely to be memory-ownership related. Do you have some?

          1 reply 0 retweets 0 likes
        2. Francesco‏ @boribombo Mar 15
          Replying to @NoraDotCodes @Jonathan_Blow

          @NoraDotCodes Classical security issues are often caused by out of bounds operations, but memory management bugs can also be exploited for content spoofing or malicious code execution by just forgetting to properly zeroing buffers/pointer variables after use

          1 reply 0 retweets 0 likes
        3. Show replies

      Loading seems to be taking a while.

      Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

        Promoted Tweet

        false

        • © 2021 Twitter
        • About
        • Help Center
        • Terms
        • Privacy policy
        • Cookies
        • Ads info