- cross-posted to:
- technology@lemmy.world
Biden administration calls for developers to embrace memory-safe programming languages and move away from those that cause buffer overflows and other memory access vulnerabilities.
deleted by creator
I think that’s the point. You can’t trust the average developer to do things safely. And remember, half of all programmers are even worse than average.
Wouldn’t that be the median programmer instead of average?
The word “average” can mean many things, for example, mean, median, mode, or even things like “within 1 standard deviation from the mean”.
I was using it strictly as the mean which divides the population exactly in half.
Half of all programmers constitute the so-called “average” group
Yea! I’m one of them!
Which half am I in?
If you have to ask
You know
Yes. And 75% of car drivers believe they are above average as well…
99% of devs believe they are in the top 1%
deleted by creator
Bell curves don’t work to make this point. A bell curve is symmetrical, so half of developers will always be below average on a bell curve. But yes, it is true that for other types of distributions, more or less than half of the developers could be below average. What the person above you was looking for, in the general case, would be the median.
The mean is in the center of the bell curve, so I’m not sure what your point is.
Or rather a Dunning-Kruger issue: seniors having spent a significant time architecting and debugging complex applications tend to be big proponents for things like Rust.
Guys, C++ is gonna be dead in a couple of years now. Remember this comment…
…and read it again in ten years.
Are you the guy who has been posting this same comment every 10 years over the last half century?
(Edit: is joke)
You mean like Android running Java which is why everyone and their mom bought Israel’s Pegasus spyware toolkit?
The apps are (sometimes) Java, but the OS is a mix of languages, mostly C and C++. The Java runtime itself is C++.
Pretty crazy to recommend Java as a secure alternative.
Why? What’s wrong with safe, managed and fast languages?
Java’s runtime has had a large number of CVEs in the last few years, so that’s probably a decent reason to be concerned.
Yep but:
- it’s one runtime, so patching a CVE patches it for all programs (vs patching each and every program individually)
- GraalVM is taking care of enabling Java to run on Java
Nothing…
Only that description doesn’t include Java
Nothing really, the JVM has a pretty troubled history that would really make me hesitate to call it “safe”. It was originally built before anyone gave much thought to security and that fact plagues it to the present day.
And how much of this troubled history is linked to Java Applets/native browser extensions, and how much of it is relevant today?
Written in C++
There’s a difference between writing code on a well-tested and broadly used platform implemented in C++ vs. writing new C++.
As you wish. Time to start learning D and D++
Hey girl, would you like my D or D++?
Is that nottheonion?
Meanwhile the report does not really single out C/C++
What are you talking about? Did you read the report? On page 7 they directly say that C/C++ “lack traits associated with memory safety”.
That’s because in government products many unsafe languages shittier than C(++) are used, like Ada, Fortran, and Cobol. It wouldn’t surprise me if most of the code running on products for government use weren’t written in C or C++
Also like it’s the only source of vulnerabilities… in addition a lot of the trendy python libs are developed in C; do we also ditch those?
It is one of the main sources. Like, actually a very substantial fraction is memory related. I think it was more than 50%, granted those are estimates.
Microsoft and Google both claim around 70%.
https://www.zdnet.com/article/microsoft-70-percent-of-all-security-bugs-are-memory-safety-issues/
Rewrite it in Rust
When all the talented programmers are all gay communists and your entire state exists to murder gay communists. Still can’t forget how Alan Turing, a gay man whose inventions were a gigantic help in winning WW2, KYS’d because they still treated him like garbage even after the fact.
Nice. Now I’m waiting for all the Rust or whatever “safe” languages environments for embedded systems to fall from the sky. And please some that actually work on small processors with little memories.
That’s probably a good idea but I can see some proper longevity issues in that one
Shut up Brandon, you can’t even code. This is just propaganda from Big Rust.
I wanted you to know that I laughed and enjoyed this comment, ignore the haters 💛
deleted by creator