Jump to page: 1 2
Thread overview
Chrome: 70% of all security related bugs are memory issues
May 23
aberba
May 23
welkam
May 24
aberba
May 23
Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/
May 23
On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
> Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/

Thats the reason why mozila invented Rust programming language.
May 23
On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
> Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/

Garbage collection and array bounds checks fixes the majority of those with no special effort, so I am sure the numbers are different for most D programs.
May 24
On Saturday, 23 May 2020 at 18:33:31 UTC, Adam D. Ruppe wrote:
> On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
>> Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/
>
> Garbage collection and array bounds checks fixes the majority of those with no special effort, so I am sure the numbers are different for most D programs.

D is currently, as I understand it, merging the good parts of rust with everything great about D. Makes it compelling...as long these goodies become well know.
May 24
On Sat, May 23, 2020 at 06:33:31PM +0000, Adam D. Ruppe via Digitalmars-d wrote:
> On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
> > Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/
> 
> Garbage collection and array bounds checks fixes the majority of those with no special effort, so I am sure the numbers are different for most D programs.

Notable from the article is that both Microsoft and Google are seriously looking into alternative programming languages.  I think we're looking at the beginning of the end of the long reign of C/C++ in the programming landscape. Maybe in about 20-30 years' time C/C++ will become relics in the dustbin of history...


T

-- 
No! I'm not in denial!
May 25
On Sunday, 24 May 2020 at 14:38:54 UTC, H. S. Teoh wrote:
> On Sat, May 23, 2020 at 06:33:31PM +0000, Adam D. Ruppe via Digitalmars-d wrote:
>> On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
>> > Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/
>> 
>> Garbage collection and array bounds checks fixes the majority of those with no special effort, so I am sure the numbers are different for most D programs.
>
> Notable from the article is that both Microsoft and Google are seriously looking into alternative programming languages.  I think we're looking at the beginning of the end of the long reign of C/C++ in the programming landscape. Maybe in about 20-30 years' time C/C++ will become relics in the dustbin of history...
>
>
> T

no, C,C++ will exist if general D can not be used for MCU, rust is trying to do these things, but it seems even rust is too heavy(both the syntax and footprint).

May 24
On 5/23/2020 10:41 AM, welkam wrote:
> On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
>> Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/ 
>>
> 
> Thats the reason why mozila invented Rust programming language.

Which is why D has invented @live functions.
May 24
On 5/23/2020 11:33 AM, Adam D. Ruppe wrote:
> On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
>> Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/ 
>>
> 
> Garbage collection and array bounds checks fixes the majority of those with no special effort, so I am sure the numbers are different for most D programs.

It doesn't fix use-after-free. Enter @live functions.
May 25
On Monday, 25 May 2020 at 01:35:07 UTC, Walter Bright wrote:
> On 5/23/2020 11:33 AM, Adam D. Ruppe wrote:
>> Garbage collection
>
> It doesn't fix use-after-free. Enter @live functions.

With garbage collection, references have infinite lifetime, so use after free is impossible.

D doesn't GC everything though, since it has pointers to stack objects and C things, but when you DO use the GC, use-after-free is not a worry.
May 25
On Sunday, 24 May 2020 at 14:38:54 UTC, H. S. Teoh wrote:
> On Sat, May 23, 2020 at 06:33:31PM +0000, Adam D. Ruppe via Digitalmars-d wrote:
>> On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
>> > Yeah, https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/
>> 
>> Garbage collection and array bounds checks fixes the majority of those with no special effort, so I am sure the numbers are different for most D programs.
>
> Notable from the article is that both Microsoft and Google are seriously looking into alternative programming languages.  I think we're looking at the beginning of the end of the long reign of C/C++ in the programming landscape. Maybe in about 20-30 years' time C/C++ will become relics in the dustbin of history...
>
>
> T

It will still take ages, Google and Microsoft are also heavyweights on ISO C++, and collaborating on C++ lifetime analysis and C++ Core Guidelines.

Hence Project Verona and Checked C from Microsoft as well.
« First   ‹ Prev
1 2