Me: OpenSSH is one of the most secure apps ever written, even in C C Haters: no it’s not! Several RCE bugs! Me: prove it. Show me a working exploit. *crickets* FUD and Security pedanticism is unbecoming of our insustry, Pals.
You have heard about the Unikernel movement? Trusted code base is something that can be measured and minimized (see MirageOS). And if it's just on the order of 20000 or so lines of code of C, even this can be verified or generated using more powerful tools (Hyper-V, HaCL).
-
-
lol have you ever written a unikernel or microkernel? I have. I've even written Erlang for bare metal (on cortex-M). It's not the ecosystem silver bullet you think it is. In some cases, it's worse.
-
Sure, wrote a realtime control software for an atomic force microscope on a DSP. Also fixed bugs in the network stack on a Symbolics Lisp machine. Pretty much seen the spectrum. Also found a bug in the MirageOS TLS stack before they put up the Piñata. But no one got the 10BTC.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.