rene_mobile’s avatarrene_mobile’s Twitter Archive—№ 7,399

    1. …in reply to @Ars_Dementis
      @Ars_Dementis Ok, I'll bite, but only once since Twitter is not the right medium for a nuanced discussion on such issues. C is objectively bad for memory safety. Even good and motivated programmers continue to write new bugs in C at an alarming rate. Depending on the data you look at, 1/
  1. …in reply to @rene_mobile
    @Ars_Dementis somewhere between 50% and 80% of security issues are directly caused by memory safety bugs in C/C++ codebases. Can you write such bugs in (unsafe marked) Rust? Yes. Does Rust make it easy to make those mistakes? No. Does C make it hard to write secure code? Definitely yes. 2/
    1. …in reply to @rene_mobile
      @Ars_Dementis Hardly anybody is arguing to immediately throw away mature codebases and re-write everything in Rust/Go/Java/Kotlin/C#/etc. But we really, really need to stop writing new C when there are better tools - in the sense of making it harder to make mistakes. 3/3
      1. …in reply to @rene_mobile
        @Ars_Dementis Counter-examples to the no-rewriting are of course highly exposed codebases that have had multiple remote execution bugs due to memory safety before. theregister.com/2021/02/02/patching_apache_rust/ seems appropriate. Rust is well suited for partial replacements because of its interoperability with C.