Me: OpenSSH is one of the most secure apps ever written, even in C C Haters: no it’s not! Several RCE bugs! Me: prove it. Show me a working exploit. *crickets* FUD and Security pedanticism is unbecoming of our insustry, Pals.
While technically true, I still think the shortcomings of the ecosystem count as trouble. Nobody writes C in a vacuum.
-
-
well, those shortcomings are not specific to C programs. All your shiny new languages are still using a system, with libraries, and a kernel. So basically, you're proving that C is on par with what you propose as a replacement.
-
You have heard about the Unikernel movement? Trusted code base is something that can be measured and minimized (see MirageOS). And if it's just on the order of 20000 or so lines of code of C, even this can be verified or generated using more powerful tools (Hyper-V, HaCL).
-
lol have you ever written a unikernel or microkernel? I have. I've even written Erlang for bare metal (on cortex-M). It's not the ecosystem silver bullet you think it is. In some cases, it's worse.
-
Sure, wrote a realtime control software for an atomic force microscope on a DSP. Also fixed bugs in the network stack on a Symbolics Lisp machine. Pretty much seen the spectrum. Also found a bug in the MirageOS TLS stack before they put up the Piñata. But no one got the 10BTC.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.