Intel AMT bug was strncmp (h/t @reillyeon).
I’d like to take this time to remind everyone how great of a language C is for secure coding.
-
-
Replying to @BRIAN_____ @reillyeon
The probability that someone would ship something so bogus is so tiny compared to how often string.h is misused as to not be comparable.
3 replies 0 retweets 5 likes -
It really doesn't help your mission of advertising Rust if you choose the worst examples for bashing C.
3 replies 0 retweets 2 likes -
It’s very strange to see security people saying that misuse resistance is an important property of crypto but not of a programming language.
1 reply 0 retweets 2 likes -
1/X Sry but I fear this conversation will not go very far. I did never say that. What I said is that this is a bad argument. This is because
1 reply 0 retweets 0 likes -
2/X You single out some misuse of API in language X and claim your favourite language Y makes misusing it harder.
1 reply 0 retweets 0 likes -
3/X The thing is you can find examples like this for all languages. Interstingly there is even a string compre function that would ...
2 replies 0 retweets 0 likes -
I stand by the claim that comparing (or generally manipulating) strings in C is way easier to get wrong than in almost any other language.
1 reply 0 retweets 0 likes
This isn’t a controversial opinion!
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.