I’m one of the best when it comes to finding 0day in C. :) but I know it’s easy now, to write safe C. You can disagree all you want, but the tools and mitigation’s are available. Our industry failure is not making access simple and straight forward.
-
-
Tend to agree here with
@andreasdotorg. So, the prereq is being a “C pro”/Linus Torvalds? That doesn’t scale for an engineering team. Teams are composed of diverse people,not all 15 year C pros. The risks are too many and the learning curve to high for what most build today -
We naturally evolve toward higher and higher abstractions. There is always still use for the lower layers (someone is designing the fabrication processes for chips and the microcode that runs). But, it is relegated to a smaller and smaller group that eventually rounds to zero
-
And..if you are in that group, cool..we will always need those folks. But it doesn’t mean we need to encourage the “next generation” that chip fabbing, microcode, and assembly are is easier than they used to be...come on over and join us.
-
Did you miss the reply from
@paxteam that spoiled the mini blog I was going to drop today demonstrating andreas’ example is fruitless? Writing safe C is easy. He didn’t even understand that his example was moot. :) -
Not to mention, I was joking about Linus... LT is awesome but that was meant to be tongue in cheek. You guys need to drop the whole “you need to be this tall to C” antics :) it’s really not that hard.
-
Even LLVM has a great blog series about what actually is undefined behavior and how you can avoid it. Not that damn hard
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
the entire class of bugs is the overflow, the verification bypass from optimization and pointer arithmetic. I don’t get why you think you’re being clever trying to trick me. I’m going back to bed. When I wake up give me an actual problem I didn’t solve 10 years ago.