undefined | Better HN

0 points0815test7y ago0 comments

If your compiler correctly enforces security properties (and many languages do attempt to do this, at least in well-defined "safe" subsets), then of course any source code compiled with it is going to be safe. It's the difference between the JavaScript/WASM JIT-powered sandbox on the one hand, and the ActiveX code-signing-based model on the other. Which is safer?

0 comments

CamperBob27y ago

What? A compiler can't tell if a given program is "safe" any more than it can tell if the program will halt.

0815testOP7y ago

A compiler can tell if some program will halt, for many reasonable cases. For example, if the program comes with a proof that places it in some well-defined computational complexity class, a compiler will be able to tell that it halts. And even if a program cannot be said to halt in general, it can still be said to halt conditional on some "unsafe" assertions being true. Similarly, we can verify safety properties for many useful programs, and we can even use "unsafe" assertions to limit the extent of uncertainty about these properties that we cannot directly verify.

oarsinsync7y ago

I can visit a website and my CPU can get hammered to mine cryptocurrency for someone else without my consent.

I'm not sure either is that much better at this point!

j / k navigate · click thread line to collapse