Hacker News new | ask | show | jobs
by stephc_int13 1556 days ago
Rust might be a better C++. (Zig is the better C)

The memory safety thing seems to be appealing to some people who believe it will dramatically reduce the security issues found in many software. (they usually know very little about actual security exploits)

Rust is building a cult-like community around it, and I think it could be its demise, I personally hate it (the community)
1 comments
Gwypaas 1556 days ago
> The Chromium project finds that around 70% of our serious security bugs are memory safety problems. Our next major project is to prevent such bugs at source.

https://www.chromium.org/Home/chromium-security/memory-safet...

> As was pointed out in our previous post, the root cause of approximately 70% of security vulnerabilities that Microsoft fixes and assigns a CVE (Common Vulnerabilities and Exposures) are due to memory safety issues. This is despite mitigations including intense code review, training, static analysis, and more.

https://msrc-blog.microsoft.com/2019/07/18/we-need-a-safer-s...

Removing 70% of security exploits, especially those which can easily lead to arbitrary code execution compared to e.g. logic bugs or DoS issues right at the compiler seems like a huge win?

link
stephc_int13 1555 days ago
I took a look at the Chromium codebase a long time ago, out of curiosity. I am not surprised it is full of bugs and vulnerabilities, and yes modern C++ idioms are harmful in that regard.

But I am not convinced that Rust is the solution.

link