Why isn't it a firable offense to choose to use C in a security sensitive setting? Hint: about any setting is security sensitive these days.https://twitter.com/Ngnghm/status/688950737624260609 …
-
-
Not using C is not an option, even if you think you're actually programming in Go or Rust or Swift.
1 reply 0 retweets 0 likes -
You could similarly say not using assembly isn't an option, or not using quantum physics. Use a safe abstraction.
1 reply 0 retweets 2 likes -
Indeed, which is why rowhammer works... even from 'safe' languages.
1 reply 0 retweets 1 like -
Don't execute untrusted code in a leaky sandbox. And unless you're building the sandbox, still don't use C, or be fired.
1 reply 0 retweets 0 likes -
All sandboxes are leaky, and you can't trust code unless you wrote the code and the compiler too.
1 reply 0 retweets 0 likes -
Still not an argument for using C except when patching sandboxes. Also I don't trust code I write more than a specialist's.
1 reply 0 retweets 0 likes -
Why do you think I was making an argument for using C?
2 replies 0 retweets 0 likes -
You started the argument with "not using C is not an option". But actually you're equivocating on the word "using".
2 replies 0 retweets 0 likes -
In the mean time, don't think safe languages make you safe.
1 reply 0 retweets 0 likes
Nice nirvana fallacy. Safe languages make you safer than unsafe ones, unless you're building the safe abstraction.
-
-
Safer, yes. But they will be safer still once that underlying infrastructure is replaced.
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
Read my blog!