People always shit on C for security, perhaps rightly so. But I would like to po... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Skunkleton on Sept 23, 2017 | parent | context | favorite | on: It’s time to kill the web app

People always shit on C for security, perhaps rightly so. But I would like to point out that 99% of everything out there has C or C++ at its base. cpython is c, java is C++, rust is based on llvm which is C++. Yes implementing your user facing application in some non-c language may improve security, but you are still depending on C when you do so.

So is C the problem, or is it modern CPU architecture? C has stuck around for so long because of how close it is to assembly language. There will always be a need for a language that is one layer above assembly, and currently assembly is incredibly hard to secure.

pjmlp on Sept 24, 2017 | [–]

Historicall baggage, during the 90's C and C++ were still two options among many, but like every market there is only a few products winning out.

C is close to PDP-11 and 8/16 bit computer Assembly, it has hardly any direct mapping to modern CPUs.

basicplus2 on Sept 24, 2017 | [–]

D

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact