Someone's salty about Firefox's long standing "security" record :)https://twitter.com/pcwalton/status/986799352864653313 …
C is empirically a poor language for secure software. The number and severity of vulnerabilities in C software in practice far outweighs those in any memory-safe language.
-
-
I'm one of the most prominent security researchers in this space, & just declared external secure elements impossible to secure in my HITB talk last week. I'm fully aware of the issues, & quite satisfied that C is not the best choice, but a fine choice. Thanks for your opinion.
-
It’s not opinion. It’s fact. There are empirically far fewer RCEs (to name one common kind of vulnerability) in programs written in memory-safe languages than programs written in C. You have very impressive credentials! I just think, in this one instance, you’re wrong.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.