Hacker News new | ask | show | jobs
by cjbprime 801 days ago
Literally every serious C/C++ project has shipped memory unsafety vulnerabilities. We have discovered, as the global community of programmers, that humans are not smart enough to write C code without doing that. It is time to blame the language (or the species) and move on.

Let's not pretend that the people writing the unsafe code are unimaginably stupid. They are extremely imaginably stupid, as we all are.
1 comments
tus666 800 days ago
Most memory vulnerabilities are use-after-free which due to the nature of C is a very easy mistake to make.

Buffer overflows are simple inexcusable, especially if its "we didn't bother checking" rather than "we got the size wrong due to human error".

The first case is not normal, people like that should not be programming HTML let alone C code.

link