41:["$","div",null,{"className":"px-4","children":[["$","h2",null,{"className":"mb-4 text-sm font-medium text-balance text-muted-foreground tabular-nums","children":[0," comments"]}],["$","$L43",null,{"comments":[{"item":{"id":27313092,"type":"comment","by":"coldtea","time":1622191624,"title":"$undefined","url":"$undefined","text":">The idea is that language will not solve poorly designed software

Another idea is that a software can have a great design but still be full of security holes. C allows for that.

If we leave it to the "adequately advanced programmer" to avoid those, we're doing it wrong - with plenty of historical examples to prove this.","score":"$undefined","descendants":"$undefined","kids":[27313186],"parent":27313052,"dead":"$undefined","deleted":"$undefined"},"children":[{"item":{"id":27313186,"type":"comment","by":"afarrell","time":1622192457,"title":"$undefined","url":"$undefined","text":"Caveat: Saying “Just write it in rust” won’t change the fact that writing secure software is hard.

The only thing that will actually prevent security holes is attentive software engineers deliberately choosing to learn tools and practice habits to avoid security holes by design. The professional judgement of a lot of those engineers is leading them to choose to learn rust right now.","score":"$undefined","descendants":"$undefined","kids":[27313957,27315249],"parent":27313092,"dead":"$undefined","deleted":"$undefined"},"children":[{"item":{"id":27313957,"type":"comment","by":"pdimitar","time":1622200152,"title":"$undefined","url":"$undefined","text":"> Caveat: Saying “Just write it in rust” won’t change the fact that writing secure software is hard.

Absolutely. It's just that statistically the memory safety bugs have been the dominant percent of all the bugs, so rewriting core tools in a memory-safe language does make sense.","score":"$undefined","descendants":"$undefined","kids":[27315352],"parent":27313186,"dead":"$undefined","deleted":"$undefined"},"children":[]},{"item":{"id":27315249,"type":"comment","by":"coldtea","time":1622209601,"title":"$undefined","url":"$undefined","text":">Caveat: Saying “Just write it in rust” won’t change the fact that writing secure software is hard.

No. But it will make sure there are no issues of the type buffer overflow and such.

The rest, we can judge when the software is delivered.","score":"$undefined","descendants":"$undefined","kids":[27316331],"parent":27313186,"dead":"$undefined","deleted":"$undefined"},"children":[]}]}]},{"item":{"id":27314475,"type":"comment","by":"sbuk","time":1622204280,"title":"$undefined","url":"$undefined","text":"Sendmail is now owend by Proofpoint and I can only assume it forms the basis of the MTAs for their gateway.","score":"$undefined","descendants":"$undefined","kids":"$undefined","parent":27313052,"dead":"$undefined","deleted":"$undefined"},"children":[]}],"op":"dig1"}]]}]

0 comments

0 comments